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DETAILED ACTION 

This action is responsive to the amendment filed May 21 , 201 0. Claims 1,6,10, 
12, 15-19, 22, 23, and 27 were amended. Claim 26 was canceled. Claims 1-25 and 27 
are pending. 



Response to Amendment 

Claim Rejections - 35 USC §112 

1. The following is a quotation of the first paragraph of 35 U.S. C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

2. Claim 22 is rejected under 35 U.S.C. 112, first paragraph, as failing to comply 
with the written description requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to reasonably convey to one 
skilled in the relevant art that the inventor(s), at the time the application was filed, had 
possession of the claimed invention. While the specification discloses probing interval 
times, it does not disclose using a first, second, and third timing for probing nodes 
based on their ranking, along with a first, second, and third interval between probes, 
with the second interval being longer than the first interval and the third interval being 
longer than the first interval. 
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Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Bornstein et al., U.S. Patent Application Publication No. 2002/0163882, further in view 
of Varadarajan et al., U.S. Patent Application Publication No. 2004/0255323. 

As to claim 1 , Bornstein teaches an overlay network for maintaining traffic flow 
between a client and a server during a denial of service attack, comprising: a set of 
overlay nodes, coupled between the client and the server, wherein each overlay node 
comprises: 

a ranking module configured to rank the overlay nodes based on a performance 
metric, wherein an overlay node with a higher-ranking indicates that the overlay node 
has better performance for transferring traffic to the server than overlay nodes with 
lower-rankings (paragraph 38, lines 1-17, Bornstein discloses ranking a route's 
performance, which is based on its nodes, by using ping data); and 

a probing module configured to probe a portion of the overlay nodes with higher- 
rankings more frequently than overlay nodes with lower-rankings during probing 
intervals (paragraph 38, lines 17-28, paragraph 43, Bornstein discloses pinging the top 
performing routes more frequently). 



Application/Control Number: 10/762,391 Page 4 

Art Unit: 2457 

Bornstein does not explicitly teach each overlay node having a performance 
metric comprising an amount of bandwidth available to reach the overlay node from a 
probing node and amount of bandwidth available between the overlay node and a target 
node and wherein an overlay node having a higher amount of available bandwidth has a 
higher ranking than another overlay node with a lower amount of available bandwidth. 

However, Varadarajan teaches available bandwidth between nodes updated to 
an available bandwidth matrix (paragraphs 39, 50). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Bornstein in view of Varadarajan to use each overlay node having a 
performance metric comprising an amount of bandwidth available to reach the overlay 
node from a probing node and amount of bandwidth available between the overlay node 
and a target node and wherein an overlay node having a higher amount of available 
bandwidth has a higher ranking than another overlay node with a lower amount of 
available bandwidth. One would be motivated to do so because bandwidth is a known 
performance metric that is used in ranking nodes. 

Regarding claim 2, Bornstein teaches the overlay network as recited in claim 1, 
wherein each overlay node further comprises a path selection module, configured to 
dynamically select an overlay node with a highest-rankings to be included as part of a 
pathway for transferring traffic to the server (paragraph 43, lines 1-4). 

Regarding claim 4, Bornstein teaches the overlay network as recited in claim 1, 
further comprising one or more target nodes, configured to transfer the traffic from one 
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or more of the overlay nodes directly to the server, the one or more target nodes having 
exclusive knowledge of an identity for the server (paragraphs 38, 43). 

Regarding claim 5, Bornstein teaches the overlay network as recited in claim 1, 
wherein each overlay node is virtually connected to each other (paragraphs 38, 43). 

Regarding claim 6, Bornstein teaches the overlay network as recited in claim 1, 
wherein the performance metric includes at least one of: latency, loss rate, and jitter; 
and wherein an overlay node with a higher-ranking indicates that the overlay node has 
better performance for transferring traffic to the server than overlay nodes with lower- 
rankings, the better performance including at least one of: less jitter, lower latency, and 
less packet loss (paragraphs 38, 43). 

Regarding claim 7, Bornstein teaches the overlay network as recited in claim 1, 
wherein the ranking module is further configured to determine whether the portion of 
overlay nodes with higher-rankings continue to have better performance for transferring 
traffic to the server than one or more of the overlay nodes with lower-rankings after a 
probing interval (paragraphs 38, 43). 

Regarding claim 8, Bornstein teaches the overlay network as recited in claim 1, 
wherein the ranking module is configured to demote the rankings of the portion of 
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overlay nodes with higher-rankings to lower-rankings if the portion of overlay nodes with 
higher-rankings have worse performance for transferring traffic to the server than one or 
more of the overlay nodes with lower-rankings after a probing interval (paragraphs 38, 
43). 

Regarding claim 9, Bornstein teaches the overlay network as recited in claim 1, 
wherein the traffic is data (paragraphs 38, 43). 

Regarding claim 17, Bornstein teaches the method as recited in claim 10, 
comprising determining whether the portion of overlay nodes with higher-rankings 
continue to have better performance for transferring traffic to a target than one or more 
of the overlay nodes with lower-rankings after a probing interval; and promoting the 
rankings of one or more of the overlay nodes with lower-rankings to higher-rankings, if 
the portion of overlay nodes with higher-rankings have worse performance for 
transferring traffic to a target than one or more of the overlay nodes with lower-rankings 
(paragraphs 38, 43). 

Claims 1 0-1 6 and 1 8-21 do not teach or define any new limitations above claims 
1 , 2, 4-9, and 17 and therefore are rejected for similar reasons. 

5. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Bornstein 
and Varadarajan further in view of Corrigan et al., U.S. Patent Publication No. 
2004/0148357. 
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As to claim 3, Bornstein and Varadarajan teach the method of claim 1 . 

Bornstein and Varadarajan do not explicitly teach an access node, configured to 
authenticate traffic directed to the server from the client, and forward authenticated 
traffic to one or more of the overlay nodes. 

However, Corrigan teaches a messaging gateway for use by mobile networks 
(see abstract). Corrigan teaches the use of validation nodes (paragraph 51). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Bornstein and Varadarajan in view of Corrigan to use an access 
node, configured to authenticate traffic directed to the server from the client, and 
forward authenticated traffic to one or more of the overlay nodes. One would be 
motivated to do so because it guarantees confidentiality and integrity of all traffic. 

6. Claims 23-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Bornstein further in view of Corrigan et al., U.S. Patent Publication No. 2004/0148357. 

Regarding claim 23, Bornstein teaches an overlay network to mitigate a denial of 
service attack, comprising: target nodes configured to transfer the traffic previously 
authenticated by the access nodes to the server; and overlay nodes, coupled between 
the access nodes and the target nodes, configured to route the traffic from the access 
nodes to the target nodes by selecting a best end-to-end path between the client and 
the server based in accordance with at least one performance metric, wherein each 
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overlay node comprises: a ranking module configured to rank the overlay nodes based 
on the performance metric, wherein an overlay node with a higher-ranking indicates that 
the overlay node has better performance for transferring traffic to one of the target 
nodes than overlay nodes with lower-rankings; and a probing module configured to 
probe a portion of the overlay nodes with higher rankings more frequently than overlay 
nodes with lower ranking during probing intervals, the ranking module ranking a first 
overlay node with a first ranking, a second, different overlay, node with a second, lower 
ranking and a third, different overlay node with a third ranking, that is lower than the 
second ranking, the probing module probing the first overlay node more often than 
probing the second overlay node and probing the second overlay node more often than 
probing the third overlay node (paragraphs 38, 43, 44). 

Bornstein does not explicitly teach access nodes configured to authenticate 
traffic directed to the server from the client. 

However, Corrigan teaches the use of validation nodes (paragraph 51). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Bornstein in view of Corrigan to use access nodes configured to 
authenticate traffic directed to the server from the client. One would be motivated to do 
so because it guarantees confidentiality and integrity of all traffic. 

Regarding claim 24, Bornstein teaches the overlay network as recited in claim 
23, wherein each overlay node is configured to dynamically select, a best target node 
for accessing the server and a best path to reach that target node (paragraphs 38, 43). 
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Regarding claim 25, Bornstein teaches the overlay network as recited in claim 
24, wherein the best path is selected via a best next hop measured in terms of the at 
least one performance metric (paragraphs 38, 43). 

Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

8. Claims 22 and 27 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Bornstein et al., U.S. Patent Application Publication No. 2002/0163882. 

Regarding claim 22, Bornstein teaches n a network comprising overlay nodes 
interspersed between a server and client, a system for mitigating against a denial of 
service attack, the system comprising: at least one overlay node; means for probing 
overlay nodes in the network during a probing interval to determine connectivity levels 
of each overlay node; the at least one overlay node comprising means for ranking each 
overlay node wherein an overlay node having a highest- ranking has a highest 
connectivity potential for transferring traffic to the server, the means for ranking 
assigning at least one overlay node with a first, highest ranking at least one other 
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overlay node with a second ranking that is lower than the first ranking and at least one 
other overlay node with a third ranking that is lower than the second ranking; means for 
selecting the overlay node with the highest-ranking to be included as part of a pathway 
for transferring the traffic to the server; and means for probing a portion of the overlay 
nodes with higher-rankings more frequently than other overlay nodes during subsequent 
probing intervals the means for probing using a first timing for probing an overlay node 
having the first ranking with a first interval between probes, the means for a second 
timing for probing an overlay node having the second ranking with a second interval 
between probes, the second interval being longer than the first interval and the means 
for probing using a third timing probing, an overlay node having the third ranking with a 
third interval between probes, the third interval being longer than the second interval 
(paragraphs 38, 43, 44, Bornstein discloses ranking a route's performance, which is 
based on its nodes, by using ping data, pinging the top performing routes more 
frequently, and ranking of multiple routes). 

Regarding claim 27, Bornstein teaches in an overlay network, a node for 
maintaining traffic flow between a client and a server during a denial of service attack, 
the node comprising: a ranking module configured to rank overlay nodes coupled 
between the client and the server based on a performance metric, wherein overlay 
nodes with a higher-ranking indicates that the overlay nodes have better performance 
for transferring traffic to the server than overlay nodes with lower-rankings; and a 
probing module configured to probe a portion of the overlay nodes with higher-rankings 
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more frequently than overlay nodes with lower-rankings during probing intervals, the 
ranking module ranking- a first overlay node with a first ranking- a second, different 
overlay node with a second, lower ranking and a third, different overlay, node with a 
third ranking that is lower than the second ranking, the probing module probing the first 
overlay node more often than the second overlay node and probing the second overlay 
node more often than the third overlay node (paragraphs 38, 43, 44). 



Response to Arguments 

9. Applicant's arguments with respect to claims 1-25 and 27 have been considered 
but are moot in view of the new ground(s) of rejection. 



Conclusion 

1 0. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

1 1 . The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

U.S. Pat. No. 5,539,659 to McKee et al., because it discloses ranking of nodes. 
U.S. Pat. No. 5,802,503 to Sansone, because it discloses nodes that are ranked 
and weighted. 

U.S. Pat. Publication No. 2002/0002686 to Vange et al., because it discloses a 
method and system for overcoming denial of service attacks. 

U.S. Pat. No. 7,185,077 to OToole et al., because it discloses performance 
metrics of a network and an overlay network of nodes. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to AVI GOLD whose telephone number is (571)272-4002. 
The examiner can normally be reached on M-F 8:30 a.m. to 5 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on 571-272-4001 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
/A. G./ 

Examiner, Art Unit 2457 
/ARIO ETIENNE/ 

Supervisory Patent Examiner, Art Unit 2457 



